Wednesday, September 7, 2011

HostnameVerifier 'oracle.jdevimpl.webservices.tcpmonitor.config.AnalyzerConfiguration$1CustomHostnameVerifier'

We have called a secured web service on SSL in our demo, which is deployed on weblogic server ansd this server is configured to one way secure on SSL .  Then we tried to call this web service by creating a web service proxy.

But when running this proxy, it threw the below error:

HostnameVerifier 'oracle.jdevimpl.webservices.tcpmonitor.config.AnalyzerConfiguration$1CustomHostnameVerifier'

By default weblogic has hostname verification enabled. This means when you are invoking a https URL , the CN name in the ssl server certificate should match with the hostname part of the url

Then we found we were using IP address to access this web service, which is not matched to the domain name used to create the SSL certificates as well.  After that we can access it successfully.

If this is a dev environment you can try disabling hostname verification in Server --> SSL --> Advanced. In production it is recommended to always turn on hostname verification.

No comments: